Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
File: 3keU2fyrI-wF3d1QSKP8cgQAKio.mft (raw, json)
Hash identifier: QFBHocPWniOoHm0Sx1WdPo2iDVhVhuSiq/SmwimU7ws=
Subject key identifier: 7D:74:42:40:44:FC:68:DC:E8:AD:32:A9:CA:94:1D:65:67:48:FB:0D
Authority key identifier: DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
Certificate issuer: /CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Certificate serial: 019A714A14E19ED2C442BEBB586B9DB9179D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
Manifest number: 104E
Signing time: Tue 11 Nov 2025 05:01:11 +0000
Manifest this update: Tue 11 Nov 2025 05:01:11 +0000
Manifest next update: Wed 12 Nov 2025 05:01:11 +0000
Files and hashes: 1: 3keU2fyrI-wF3d1QSKP8cgQAKio.crl (hash: YHHimkJJ1KG9nferSivRWSolEz2WQLY9Vg0cKo61288=)
2: ZK9gU4FBN8KUQTPHGhgGaXPIWjk.roa (hash: YFHfAWvmuV1pyKRAlUfEUWxi+ZLKrTZD/d9TC0Av1JQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:14:e1:9e:d2:c4:42:be:bb:58:6b:9d:b9:17:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Validity
Not Before: Nov 11 05:01:11 2025 GMT
Not After : Nov 12 05:01:11 2025 GMT
Subject: CN=7d74424044fc68dce8ad32a9ca941d656748fb0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:54:ed:16:7f:32:ce:76:aa:17:36:bd:85:b5:
c7:46:2f:ad:b4:2f:42:b2:b7:68:a1:aa:40:99:26:
9d:1c:b7:f8:1c:22:83:80:3a:11:d3:c5:35:ba:41:
eb:4c:7c:74:6b:86:72:9b:57:d8:95:da:9b:7e:4a:
c7:24:da:20:d1:c5:62:3c:2f:49:86:8c:ac:33:44:
54:b2:b5:ee:88:8a:97:cb:15:b9:ff:26:18:2e:d4:
eb:cc:a7:30:ff:48:85:16:90:98:3b:ab:d2:0d:e9:
8e:d3:84:4d:de:eb:0e:a4:17:7b:99:93:80:f7:ed:
36:8e:2d:6b:90:ae:bb:f0:3e:56:d9:a6:d7:e9:ad:
96:b6:4c:e1:f1:cf:b8:92:ee:57:0c:eb:8c:6f:30:
52:87:78:ed:6e:49:ca:53:ed:32:91:31:56:ed:d1:
e7:79:bc:40:1f:b2:1a:a7:bd:43:7c:5f:ff:8c:f7:
dc:74:6f:44:bb:3a:ac:f6:f5:b9:48:f6:f8:3f:92:
81:ba:5e:ef:c7:10:87:3c:7b:a5:34:56:7a:56:5f:
4a:8f:cd:19:fb:9a:c1:c0:6e:9c:fe:a4:70:e9:a7:
d5:69:15:25:d0:e9:7c:70:39:ba:07:fe:50:4c:0a:
55:e9:8c:52:ca:e9:d7:2a:e7:cc:5a:d7:bb:45:fb:
dd:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:74:42:40:44:FC:68:DC:E8:AD:32:A9:CA:94:1D:65:67:48:FB:0D
X509v3 Authority Key Identifier:
keyid:DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:8b:aa:d3:da:68:ed:05:9e:a1:c4:f7:e5:80:ec:c1:8b:50:
83:90:f7:44:db:9c:a5:5c:a3:ba:f1:61:20:2e:23:9d:39:de:
b1:f3:3e:61:93:70:84:a1:82:f2:ad:35:7e:a8:54:c6:9a:ef:
66:aa:8f:e9:3f:e0:3c:83:89:2a:1f:c6:50:3e:3a:a7:f6:38:
71:a3:ef:ad:21:0a:06:09:88:b5:98:aa:a0:86:8f:83:de:12:
e6:13:ee:28:df:f0:8f:a4:e3:2b:0f:e8:57:a1:f8:2a:94:0f:
38:dd:09:f3:a3:bb:14:3b:58:23:fc:09:8d:03:ae:8f:b3:7d:
af:bd:e0:55:9b:c8:58:19:b7:dd:99:3c:fb:4a:f6:82:0c:17:
06:62:b4:4e:31:97:a3:8f:e6:1a:93:62:58:ba:b8:50:0f:6c:
30:69:24:e8:2c:80:0b:4d:f8:a8:a6:c4:21:02:76:e5:2d:e5:
10:17:49:14:e7:1c:5f:74:7a:75:93:e9:63:8a:a3:b3:7f:df:
75:b8:0b:0f:54:29:ef:bf:34:8f:b2:ca:50:ab:6d:e2:39:83:
cc:4a:d8:5d:aa:bd:d9:31:2a:ed:6d:8e:04:f4:70:a8:d6:8a:
7c:4f:96:4f:af:fc:71:c3:7f:82:26:d6:2c:1e:fb:d5:01:34:
82:52:81:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxShThntLEQr67WGuduRedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDc5NGQ5ZmNhYjIzZWMwNWRkZGQ1MDQ4YTNmYzcyMDQw
MDJhMmEwHhcNMjUxMTExMDUwMTExWhcNMjUxMTEyMDUwMTExWjAzMTEwLwYDVQQD
Eyg3ZDc0NDI0MDQ0ZmM2OGRjZThhZDMyYTljYTk0MWQ2NTY3NDhmYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFTtFn8yznaqFza9hbXHRi+ttC9C
srdooapAmSadHLf4HCKDgDoR08U1ukHrTHx0a4Zym1fYldqbfkrHJNog0cViPC9J
hoysM0RUsrXuiIqXyxW5/yYYLtTrzKcw/0iFFpCYO6vSDemO04RN3usOpBd7mZOA
9+02ji1rkK678D5W2abX6a2Wtkzh8c+4ku5XDOuMbzBSh3jtbknKU+0ykTFW7dHn
ebxAH7Iap71DfF//jPfcdG9Euzqs9vW5SPb4P5KBul7vxxCHPHulNFZ6Vl9Kj80Z
+5rBwG6c/qRw6afVaRUl0Ol8cDm6B/5QTApV6YxSyunXKufMWte7RfvdgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH10QkBE/Gjc6K0yqcqUHWVnSPsNMB8GA1UdIwQY
MBaAFN5HlNn8qyPsBd3dUEij/HIEACoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDIt
ZjAxMTI5Mzk1M2Y1LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDItZjAxMTI5Mzk1M2Y1
LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiYuq09po
7QWeocT35YDswYtQg5D3RNucpVyjuvFhIC4jnTnesfM+YZNwhKGC8q01fqhUxprv
ZqqP6T/gPIOJKh/GUD46p/Y4caPvrSEKBgmItZiqoIaPg94S5hPuKN/wj6TjKw/o
V6H4KpQPON0J86O7FDtYI/wJjQOuj7N9r73gVZvIWBm33Zk8+0r2ggwXBmK0TjGX
o4/mGpNiWLq4UA9sMGkk6CyAC034qKbEIQJ25S3lEBdJFOccX3R6dZPpY4qjs3/f
dbgLD1Qp7780j7LKUKtt4jmDzErYXaq92TEq7W2OBPRwqNaKfE+WT6/8ccN/gibW
LB771QE0glKBLQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:11 2025 by rpki-client